Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.apifycloud.io/llms.txt

Use this file to discover all available pages before exploring further.

Click to Call processes voice and personal data on behalf of both you (the controller) and ApifyCloud (the processor). This page covers what data is involved and the consent patterns you can build into the widget.

Personal data processed

The widget touches four categories of data:
CategoryExamples
IdentifiersIP address, user agent, session token
Call metadataCall id, duration, timestamps
Voluntary contentURL context (orderId, customerTier), survey responses, pre-call form fields
Audio streamThe call audio itself
URL context is whatever you pass to the widget — you control what goes in it, and you’re responsible for the lawful basis to send it to us. Don’t include sensitive categories (health, financial account numbers, biometrics) unless you’ve done the legal analysis on your side.

Microphone permission

Handled by the browser’s native permission prompt. No extra layer is added. When the visitor taps the call button for the first time, the browser shows its standard “allow microphone access” dialog.

Before-call disclosure

Regulated industries (finance, health) often require disclosing data collection before the microphone is active. Place a text block in the idle state of the widget (designed in Call Studio) with your disclosure text — it renders above the call button, so the visitor reads it before tapping. Any analytics pixels you add via Custom code live inside a sandbox with an opaque origin. They can’t read or write cookies on your domain, so they don’t fall under your site’s cookie banner — they get their own cookie jar per sandbox. That said, if you ship analytics pixels inside the sandbox, their tracking is still attributable to the visitor on the pixel provider’s own domains. You should disclose their presence in your privacy notice.

PCI, HIPAA, and similar

  • PCI — we’re not a payment processor and we do not accept card data through the widget. Don’t paste card numbers into URL context or survey fields.
  • HIPAA — Click to Call is not currently a HIPAA-eligible service. Do not use it to transmit Protected Health Information (PHI).

Contact

For privacy questions or compliance review requests, contact support.